VYPR

Go modules package

open-cluster-management.io/ocm

pkg:golang/open-cluster-management.io/ocm

Vulnerabilities (2)

  • CVE-2026-4740HigApr 7, 2026
    affected < 1.2.1fixed 1.2.1

    A flaw was found in Open Cluster Management (OCM), the technology underlying Red Hat Advanced Cluster Management (ACM). Improper validation of Kubernetes client certificate renewal allows a managed cluster administrator to forge a client certificate that can be approved by the OC

  • CVE-2024-9779HigDec 17, 2024
    affected < 0.13.0fixed 0.13.0

    A flaw was found in Open Cluster Management (OCM) when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole als